Lawmakers introduce bill designating $28 billion to secure state and local IT systems

Lawmakers introduce bill designating $28 billion to secure state and local IT systems
© iStock

A coalition of lawmakers in the House and Senate on Thursday introduced legislation to funnel federal funds into strengthening state and local information technology systems, following increased stress on these systems during the COVID-19 pandemic. 

The State and Local IT Modernization and Cybersecurity Act — sponsored in the House by Reps. Jim LangevinJames (Jim) R. LangevinThe next pandemic may be cyber — How Biden administration can stop it Hillicon Valley: Parler sues Amazon, asks court to reinstate platform | Twitter stock falls after Trump ban | Facebook pauses political spending in wake of Capitol attack Cyber czar to draw on new powers from defense bill MORE (D-R.I.) and Mike GallagherMichael (Mike) John GallagherCheney tests Trump grip on GOP post-presidency The next pandemic may be cyber — How Biden administration can stop it House approves waiver for Biden's Pentagon nominee MORE (R-Wis.) and in the Senate by Sen. Angus KingAngus KingThe next pandemic may be cyber — How Biden administration can stop it Bipartisan Senate gang to talk with Biden aide on coronavirus relief Angus King warns of 'grave danger' of Trump revealing classified information MORE (I-Maine) — would provide $28 billion in federal aid to state and local governments to help shore up older systems in the midst of the pandemic. 

These funds would be funneled through a “Public Health Emergency Information Technology Grant Program” that would address immediate challenges to IT systems during the coronavirus pandemic, and a “Modernizing Information Technology Program” to purchase new and more secure platforms. 


The bill was introduced after recommendations by the Cyberspace Solarium Commission (CSC), a bipartisan group established by Congress, that released a report in March detailing ways to secure the U.S. against debilitating cyberattacks. 

Langevin, a member of the CSC and the co-chair of the Congressional Cybersecurity Caucus, said in a statement that the COVID-19 pandemic had made clear the negative impact of legacy IT systems on state and local governments. 

“We need immediate investments to ensure state and local employees can safely work remotely, and we need IT modernization strategies to ensure that essential services, like unemployment insurance, can be provided to Americans in need,” Langevin said. 

King and Gallagher, the co-chairs of the CSC, also cited the legislation as essential for state and local governments during the pandemic. 

“This legislation will help our states and localities update their systems, which will improve their security and provide the added benefit of helping state and local governments operate more efficiently in the digital age,” King said in a statement. “It’s necessary for our security, and it will strengthen online services for the American people – a win-win, and one I’m proud to introduce with Representatives Langevin and Gallagher.”


"Outdated legacy systems not only threaten state and local governments' ability to deliver critical services, but can also expose sensitive data to cyber threats," Gallagher said in a separate statement. "An ounce of prevention is worth a pound of cure, and modernizing IT infrastructure is an important step towards ensuring our country is well-defended in cyberspace across all levels of government.”

Other House co-sponsors of the legislation include Rep. Cedric RichmondCedric RichmondAn attack on America that's divided Congress — and a nation Pelosi to seat Iowa Republican as Democratic challenger contests election results Louisiana Rep.-elect Luke Letlow dies of COVID-19 MORE (D-La.), the chairman of the House Homeland Security’s cybersecurity subcommittee, and Reps. Will HurdWilliam Ballard HurdHouse poised to override Trump veto for first time Lawmakers call for including creation of Latino, women's history museums in year-end spending deal House Republicans who didn't sign onto the Texas lawsuit MORE (R-Texas), Dutch RuppersbergerCharles (Dutch) Albert RuppersbergerHillicon Valley: House panel says Intelligence Community not equipped to address Chinese threats | House approves bill to send cyber resources to state, local governments House approves legislation to send cybersecurity resources to state, local governments Hillicon Valley: 'Fortnite' owner sues Apple after game is removed from App Store | Federal agencies seize, dismantle cryptocurrency campaigns of major terrorist organizations MORE (D-Md.), Michael McCaulMichael Thomas McCaulCheney tests Trump grip on GOP post-presidency US ambassador to Israel Twitter account briefly includes West Bank, Gaza Biden urged to reverse Pompeo-Trump move on Houthis MORE (R-Texas), Max RoseMax RoseOvernight Defense: Austin takes helm at Pentagon | COVID-19 briefing part of Day 1 agenda | Outrage over images of National Guard troops in parking garage Austin sworn in as nation's first Black Pentagon chief We lost in November — we're proud we didn't take corporate PAC money MORE (D-N.Y.), and Don Bacon (R-Neb.). 

The bill builds on legislation previously introduced by Richmond that would provide state and local authorities with the funding and resources to address cyber threats and vulnerabilities.

State and local IT officials have faced increasing challenges during the pandemic, as more activities and business has moved online at the same time that budgets have dried up. 

Doug Robinson, the executive director of the National Association of State Chief Information Officers (NASCIO), said in a statement Thursday that the new legislation was “sincerely appreciated.”


“As states are charged with administering critically important federal programs and benefits, this legislation aims to make significant investments in modernizing state and local IT infrastructure,” Robinson said.

NASCIO was among a coalition of groups that sent a letter to congressional leaders in April asking for funds to address cyber and IT infrastructure needs during the pandemic.  

“This surge on our information technology infrastructure requires additional investment in both funding and manpower to keep up with the massive usage,” the groups wrote. “Additionally, malicious cyber actors have used attention on COVID-19 to their advantage, further targeting government infrastructure, the healthcare sector, and individual citizens for internet crimes, such as ransomware, phishing, and computer-enabled financial fraud.”

Lawmakers and state officials had lobbied for more federal resources even before the pandemic, particularly following a year in which ransomware cyberattacks brought the governments of Baltimore and New Orleans, among other government groups, temporarily to their knees.